Ride the Lightning

Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.

Schneier on Internet of Things Security: "It's Going to Come Crashing Down"

April 16, 2015

A recent ComputerWorld interview with cybersecurity guru Bruce Schneier highlights his "doomsday" view of IoT security. Always blunt, Schneier keeps his remarks to the point.

As a teaser, here's a question and answer:

"What should enterprises worry about when it comes to the Internet of things?

Everything."

Elegant in its simplicity and quite likely true. The proliferating IoT devices are mostly low-margin, likely to be insecure, and likely to enable surveillance. As Schneier notes, in the computer world of the 90s, no one was paying any attention to security – the IoT world is now much the same. He comments, "it’s all really, really bad and it’s going to come crashing down."

I loved this bit: "Do you know the way you patch your home router? You throw it away and buy a new one. And that is going to be a freakin’ disaster."

Schneier believes (as I do) that companies will make the next new IoT thing and then the next and no one will do updates – heck, ultimately no one may know how the thing works. All of the devices will have vulnerabilities and most of them won't be able to be patched.

If your smart thermostat is connected to your network, that could be the entry point for attack.

Will employees bring their IoT devices to work, thereby presenting another point of vulnerability? Sure.

More vintage Schneier: "They no longer say you can’t bring in your own tablet. People would just quit. I think you’ll have a hard time enforcing any of those rules because [IoT] is so powerful. If the CEO says, “We’re saving 20% of our energy bill,” and the security guy says, “But it’s insecure,” the CEO will say, “Shut up. We’re saving 20% on our energy bill. Go away.”"

After the crash, does he believe it will be better? Yes. "It’s going to be solved by weird stuff, like there’ll be security within the (network) because the endpoints are all crap."

One can never assert that Schneier is not a plain speaker. A fun read and he reads the goat entrails quite well from my foxhole.

Phone: 703-359-0700
Digital Forensics/Information Security/Information Technology
http://www.senseient.com
http://twitter.com/sharonnelsonesq
www.linkedin.com/in/sharondnelson